search for: sshkey_sign

...int r, ok = -1; struct sshbuf *msg; - struct sshkey *key; + struct sshkey *key, *sign_key; struct identity *id; if ((msg = sshbuf_new()) == NULL) @@ -403,7 +451,12 @@ process_sign_request2(SocketEntry *e) verbose("%s: user refused key", __func__); goto send; } - if ((r = sshkey_sign(id->key, &signature, &slen, + + if (id->shadowed_key) + sign_key = id->shadowed_key->key; + else + sign_key = id->idkey->key; + if ((r = sshkey_sign(sign_key, &signature, &slen, data, dlen, compat)) != 0) { error("%s: sshkey_sign: %s", __func__...

...t oracle.com After code refactoring for library-like interfaces, error messages are no longer printed for DSA_do_sign() or RSA_sign() failures in some code paths. When investigating error messaging for signing failures I also noticed, that incorrect messages are printed for sshkey_from_blob() and sshkey_sign() errors in ssh-agent.c. -- You are receiving this mail because: You are watching the assignee of the bug.

On 2019-11-14, Damien Miller <djm at mindrot.org> wrote: > Please give this a try - security key support is a substantial change and > it really needs testing ahead of the next release. Hi Damien, Thanks for working on security key support, this is a really nice feature to have in openssh. My non-FIDO2 security key (YubiKey NEO) doesn't work with the latest changes to openssh

...tion uv is unknown debug1: ssh_sk_sign: check_sk_options uv debug1: sshsk_sign: sk_sign failed with code -3 debug1: ssh-sk-helper: Signing failed: incorrect passphrase supplied to decrypt private key debug1: main: reply len 8 debug1: client_converse: helper returned error -43 debug1: identity_sign: sshkey_sign: incorrect passphrase supplied to decrypt private key Enter PIN for ECDSA-SK key /tmp/TEST-id_ed25519-sk: Confirm user presence for key ECDSA-SK SHA256:HixXHmVbrCZRxWUXIDOZF50VAIf/cVESDcBZsKSWcro debug1: start_helper: starting /usr/lib/ssh/ssh-sk-helper debug1: process_sign: ready to sign with key...

https://bugzilla.mindrot.org/show_bug.cgi?id=2737 Bug ID: 2737 Summary: function identity_sign() assume private key's pub part as same as the .pub key. Product: Portable OpenSSH Version: 7.5p1 Hardware: Other OS: Other Status: NEW Severity: enhancement Priority: P5

https://bugzilla.mindrot.org/show_bug.cgi?id=2890 Bug ID: 2890 Summary: ssh-agent should not fail after removing and inserting smart card Product: Portable OpenSSH Version: 7.7p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component:

https://bugzilla.mindrot.org/show_bug.cgi?id=2635 Bug ID: 2635 Summary: Unable to use SSH Agent and user level PKCS11Provider configuration directive Product: Portable OpenSSH Version: 7.3p1 Hardware: Other OS: Linux Status: NEW Severity: normal Priority: P5